CVE-2018-9026

Name of the Vulnerable Software and Affected Versions CA Privileged Access Manager versions 2.x

Description A session fixation issue allows remote attackers to hijack user sessions with a specially crafted request. This enables attackers to potentially gain unauthorized access to sensitive information.

Recommendations For CA Privileged Access Manager version 2.x, update to a version that includes a fix for this issue to prevent session hijacking. As a temporary workaround, consider implementing additional session validation and regeneration mechanisms to minimize the risk of exploitation. Restrict access to sensitive resources and monitor user session activity closely until a patch is applied.